On Sun, Oct 16, 2016 at 11:37 AM, Ishara Karunarathna <isha...@wso2.com>
> Hi All,
> With the current IS implementation We have individual SP configurations
> and we associate authentication chains, claim, provisioning configurations
> etc.. to that service provider configuration.
> As a improvement to this we can group these configurations lets say a
> security circle.
> For a security circle [SC].
> We can configure set of service providers within a SC.
> Associate Userstores to that SC
> Define Authentication chain, Provision config etc..
> Configre Administration policies Ex: only users in wso2admin can manage
> the wso2 security circle.
Are we using XACML? May be Administration/Delegation profile...
> Group authorization policies belong to this circle.
> Once we configure those it will be applicable to all service providers and
> can override with SP level configurations.
We can have different login sessions to each circle.
So; end user will have different session for each SC in same browser ?
Is SC an internal detail or expose to end users (I meant whether it is
like tenant domain)?
Does request contain some detail/param on SC?
> How can we use this.
> Achieve Enterprise SaaS application use case discussed in 
> No need to configure same configurations in each SP level can inherit from
> SC configurations.
> Since we are going with container base Multi tenancy in C5, If a user does
> not like, that can be handle with this security circle.
>  "[C5 IS] Multi-tenancy in C5 based IS"
> Ishara Karunarathna
> Associate Technical Lead
> WSO2 Inc. - lean . enterprise . middleware | wso2.com
> email: isha...@wso2.com, blog: isharaaruna.blogspot.com, mobile:
> Architecture mailing list
Thanks & Regards,
Mobile : +94 777 625 933
+358 449 228 979
Architecture mailing list